//package com.angel.bo.auth.client.config.security;
//
//import com.angel.bo.admin.config.security.bean.AuthUser;
//import com.angel.bo.admin.config.security.jwt.JwtTokenUtil;
//import org.slf4j.Logger;
//import org.slf4j.LoggerFactory;
//import org.springframework.security.authentication.BadCredentialsException;
//import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
//import org.springframework.security.core.context.SecurityContextHolder;
//import org.springframework.security.web.authentication.WebAuthenticationDetailsSource;
//import org.springframework.web.filter.OncePerRequestFilter;
//
//import javax.servlet.FilterChain;
//import javax.servlet.ServletException;
//import javax.servlet.http.HttpServletRequest;
//import javax.servlet.http.HttpServletResponse;
//import java.io.IOException;
//
///**
// * @author zhangwei
// * 自定义jwt token鉴权过滤器
// */
//public class JwtAuthorizationTokenFilter extends OncePerRequestFilter {
//
//    private final Logger logger = LoggerFactory.getLogger(this.getClass());
//
//    private JwtTokenUtil jwtTokenUtil;
//    private String tokenHeader;
//
//    public JwtAuthorizationTokenFilter(JwtTokenUtil jwtTokenUtil, String tokenHeader) {
//        this.jwtTokenUtil = jwtTokenUtil;
//        this.tokenHeader = tokenHeader;
//    }
//
//    /**
//     * 校验token状态
//     *
//     * @param request
//     * @param response
//     * @param chain
//     * @throws ServletException
//     * @throws IOException
//     */
//    @Override
//    protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain chain) throws ServletException, IOException {
//        final String authToken = request.getHeader(this.tokenHeader);
//
//        String username = null;
//        if (authToken != null) {
//            try {
//                username = jwtTokenUtil.getAccountFromToken(authToken);
//            } catch (IllegalArgumentException e) {
//                throw new BadCredentialsException("无效的TOKEN");
//            }
//        }
//
//        if (username != null && SecurityContextHolder.getContext().getAuthentication() == null) {
//            logger.debug("被鉴权用户: '{}'", username);
//            //如果用户名不为空,并且当前security的上下文中没有Authentication认证信息时
//            //你并不是必须从数据库读取用户信息,也可以将用户信息存储在token里,这样你可以直接从token读取用户信息
//            JwtInfo jwtInfo;
//            jwtInfo = jwtTokenUtil.getJwtInfoFromToken(authToken);
//            AuthUser user = jwtInfo.returnUser();
//            if (jwtTokenUtil.validateToken(authToken, user)) {
//                UsernamePasswordAuthenticationToken authentication = new UsernamePasswordAuthenticationToken(user, null, user.getAuthorities());
//                authentication.setDetails(new WebAuthenticationDetailsSource().buildDetails(request));
//                logger.info("鉴权通过 '{}', 放入security上下文", username);
//                SecurityContextHolder.getContext().setAuthentication(authentication);
//            } else {
//                throw new BadCredentialsException("无效的TOKEN");
//            }
//        }
//        chain.doFilter(request, response);
//    }
//}
